CSRF chat


Author: Gareth Heyes (@hackvertor)

Published: Mon, 11 Feb 2008 13:34:24 GMT

Updated: Sat, 22 Mar 2025 15:38:09 GMT

You may think adding tokens to your forms will completely protect you from CSRF; you'd be wrong. I've shown in previous blog entries how you can use CSS overlays to bypass tokens. I decided to create a real-world example which uses these techniques to create something cool: the world's first CSRF chat! I got a couple of friends to try it out on various browsers and we could successfully communicate in pretty much real time.

Try it out here: CSRF chat

The technique uses delicious as a central hub to store the chat data, using a bookmarked URL as a username and the description as chat data. A login is performed first using a hidden iframe, with one delicious account shared between chat users. Another iframe is then used to load the messages, and the chat data is displayed using the JSON which delicious provides. Confirmation is required because delicious uses tokens, so I simply overlay the request using yet another iframe which displays the save button from the delicious web site.
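The overlay step only works if the token-protected page can be rendered in a cross-origin iframe. As an added example (not from the original post), this JavaScript checks a response's headers for that condition; the function names and result labels are assumptions, and it assumes lower-cased header names and a single policy per header.

```javascript
// Added example: classify whether a response may be rendered inside a
// cross-origin iframe, the precondition for overlaying a token-protected button.
// Header names are lower-cased, as Node's http module delivers them.

function frameAncestors(csp) {
  // Return the source list of the frame-ancestors directive, or null if absent.
  for (const directive of String(csp || '').split(';')) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === 'frame-ancestors') {
      return sources.map((s) => s.toLowerCase());
    }
  }
  return null;
}

function framingPolicy(headers) {
  const ancestors = frameAncestors(headers['content-security-policy']);
  if (ancestors !== null) {
    // An enforced frame-ancestors directive takes precedence over X-Frame-Options.
    // An empty source list matches no ancestor, the same as 'none'.
    if (ancestors.length === 0) return 'blocked';
    if (ancestors.length === 1 && ancestors[0] === "'none'") return 'blocked';
    if (ancestors.every((s) => s === "'self'")) return 'same-origin-only';
    if (ancestors.some((s) => ['*', 'http:', 'https:'].includes(s))) return 'frameable';
    return 'allow-list'; // named origins: review each entry by hand
  }
  const xfo = String(headers['x-frame-options'] || '').trim().toLowerCase();
  if (xfo === 'deny') return 'blocked';
  if (xfo === 'sameorigin') return 'same-origin-only';
  // Missing header, obsolete ALLOW-FROM, or any other value: report it as
  // frameable so the page gets reviewed.
  return 'frameable';
}

// Constructed sample: a confirmation page that relies on a CSRF token alone.
const tokenOnlyPage = { 'content-type': 'text/html', 'set-cookie': 'session=constructed' };
console.log('token-only confirmation page:', framingPolicy(tokenOnlyPage));
```

Any state-changing confirmation page that reports `frameable` is exposed to the overlay described above even though its form carries a token.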

Big thanks to David, Ronald, Mario and everyone else who helped test the chat room.
